Setting up DNS

Steps to set up the DNS server for the IBM Spectrum Fusion HCI appliance.

About this task

Note: The samples in this procedure are based on Red Hat® Enterprise Linux. If you are on Microsoft Windows, then use equivalent commands.

Procedure

  1. Run the following command to suspend updates to all dynamic zones:
    rndc freeze
  2. Edit your forward lookup file in the /var/named folder:
    Note: A forward lookup returns the IP address of a hostname.
    Sample forward lookup file:
    $TTL 1W
    @       IN      SOA     ns1.isf.mycompany.com.      root (
                            2021052608      ; serial
                            3H              ; refresh (3 hours)
                            30M             ; retry (30 minutes)
                            2W              ; expiry (2 weeks)
                            1W )            ; minimum (1 week)
            IN      NS      ns1.isf.mycompany.com.
    ;
    ns1                 IN  A       <dns-vip-ip>
    api                 IN  A       10.44.100.143
    
    ; Ingress LB (apps)
    *.apps          IN      A       10.44.100.144  ; <wildcard-ingress-lb-ip>
    ; Create entries for the master nodes
    control-0       IN      A       10.44.100.145
    control-1       IN      A       10.44.100.146
    control-2       IN      A       10.44.100.147
    ;
    ; Create entries for the worker nodes
    compute-0       IN      A       10.44.100.148
    compute-1       IN      A       10.44.100.149
    compute-2       IN      A       10.44.100.150
    ; AFM nodes
    compute-13      IN      A       10.44.100.156
    compute-14      IN      A       10.44.100.157
    ; GPU nodes
    compute-15      IN      A       10.44.100.158
    compute-16      IN      A       10.44.100.159
    ;
    ;EOF
  3. Edit the reverse lookup file, /var/named/reverse.db.

    A reverse lookup returns the hostname of an IP address.

    Sample reverse lookup file:
    $TTL 1W
    @	IN	SOA	ns1.isf.mycompany.com.	root (
    			2021052608	; serial
    			3H		; refresh (3 hours)
    			30M		; retry (30 minutes)
    			2W		; expiry (2 weeks)
    			1W )	; minimum (1 week)
    	IN	NS	ns1.isf.mycompany.com.
    ;
    143	IN	PTR	api.isf.mycompany.com.
    151	IN	PTR	bootstrap.isf.mycompany.com.
    ;
    ; syntax is "last octet" and the host must have fqdn with trailing dot
    145	IN	PTR	control-0.isf.mycompany.com.
    146	IN	PTR	control-1.isf.mycompany.com.
    147	IN	PTR	control-2.isf.mycompany.com.
    ;
    148	IN	PTR	compute-0.isf.mycompany.com.
    149	IN	PTR	compute-1.isf.mycompany.com.
    150	IN	PTR	compute-2.isf.mycompany.com.
    156	IN	PTR	compute-13.isf.mycompany.com.
    157	IN	PTR	compute-14.isf.mycompany.com.
    158	IN	PTR	compute-15.isf.mycompany.com.
    159	IN	PTR	compute-16.isf.mycompany.com.
    ;
    ;EOF

    In this example, the IP addresses 10.44.100.143-159 point to the corresponding fully qualified domain names.

  4. Ensure that your named.conf file in the /etc folder contains details of your forward and reverse lookup files.
    Sample named.conf file:
    [root@provisioner named]# cat /etc/named.conf
    
    options {
    	listen-on port 53 { any; };
    	listen-on-v6 port 53 { ::1; };
    	directory 	"/var/named";
    	dump-file 	"/var/named/data/cache_dump.db";
    	statistics-file "/var/named/data/named_stats.txt";
    	memstatistics-file "/var/named/data/named_mem_stats.txt";
    	allow-query     { any; };
        .......
        .......
    ###### Add what's between these comments ###########
    zone "isf.mycompany.com" IN {
    	type	master;
    	file	"zonefile.db";
    };
    zone "100.44.10.in-addr.arpa" IN {
    	type	master;
    	file	"reverse.db";
    };
    ########################################################
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";
  5. On the DNS server, run the following commands to open the firewall port for DNS:
    firewall-cmd --zone=public --add-service=dns --permanent
    firewall-cmd --reload
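
A consistency check for the forward and reverse files from steps 2 and 3, as an added example that is not part of the IBM procedure: it expands names relative to each zone's origin the way BIND does, then reports A records without a matching PTR and PTR records without a matching A. The zone data is a constructed excerpt of the samples above, and the function names are this example's own.

```python
import ipaddress

ORIGIN = "isf.mycompany.com."               # forward zone name from named.conf
REVERSE_ORIGIN = "100.44.10.in-addr.arpa."  # reverse zone name from named.conf

# Constructed excerpt of the sample files; the last PTR omits its trailing dot on purpose.
FORWARD = """
api         IN  A   10.44.100.143
*.apps      IN  A   10.44.100.144  ; ingress LB
compute-0   IN  A   10.44.100.148
"""
REVERSE = """
143 IN PTR api.isf.mycompany.com.
151 IN PTR bootstrap.isf.mycompany.com.
148 IN PTR compute-0.isf.mycompany.com
"""

def fqdn(name, origin):
    """Expand a zone-file name the way BIND does: relative names get the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, rtype, origin):
    """Return {absolute owner: rdata} for single-line records with an explicit owner."""
    found = {}
    for line in text.splitlines():
        tok = line.split(";")[0].split()      # drop ';' comments
        if len(tok) >= 3 and rtype in tok[1:-1]:
            found[fqdn(tok[0], origin)] = tok[tok.index(rtype, 1) + 1]
    return found

def check(forward, reverse):
    """List A records with no matching PTR and PTR records with no matching A."""
    ptr = {o: fqdn(t, REVERSE_ORIGIN)
           for o, t in records(reverse, "PTR", REVERSE_ORIGIN).items()}
    problems = []
    for host, ip in sorted(records(forward, "A", ORIGIN).items()):
        if host.startswith("*."):
            continue                          # a wildcard has no single PTR
        target = ptr.pop(ipaddress.ip_address(ip).reverse_pointer + ".", None)
        if target is None:
            problems.append(f"{host} ({ip}): no PTR record")
        elif target != host:
            problems.append(f"{ip}: PTR gives {target}, A record is {host}")
    problems += [f"{o}: PTR to {t} has no A record" for o, t in sorted(ptr.items())]
    return problems

if __name__ == "__main__":
    print("\n".join(check(FORWARD, REVERSE)) or "forward and reverse zones agree")
```

The parser reads only single-line records with an explicit owner name, which is the layout both sample files use for their A and PTR entries.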